Application Secutiry Consultant Sr

At PwC, we are currently seeking a Senior Application Security Consultant to join our global team.

If you love designing & building security technology, this is the place to be!

Experience/Skills:

● Experience in a software development field such as Software Developer, Architect, Software Quality Assurance, or Application Security Engineering

● Experience in Cloud Infrastructure such as Cloud Engineer, Infrastructure Architect, or SRE Engineer

● Possess a strong understanding of application architectural patterns, such as MVC, Microservices, Event-driven etc.

● Possess strong business acumen with ability to work with application development, QA and security teams

● Knowledge of the OWASP Top 10

● Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership; proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance

● Possessing knowledge and experience with application security solutions and web hosting architecture and principles

● Leveraging experience with Software development including web, mobile applications and development languages

● Having experience with commercial Source Code Analysis/Static Application Security Testing Tools

● Understanding of application source code vulnerability mitigation processes

● Recognizing risk assessment/acceptance factors that can affect business and security decisions

● Having knowledge of and experience with Business processes and drivers that can affect system design

● Analyzing application security vulnerabilities and executing mitigation strategies.

● Leveraging review processes using application threat vulnerability tools, scanning techniques and/or code review results

● Using assessments of vulnerabilities, sources of threats, and current security guidance to determine the effectiveness of mitigation plans

● Knowledge of effective controls for Application Security, Cloud & Services Hosting, Identity and Access Management, Data Protection, Borderless Connectivity, Endpoint Security, and Cyber Security Operations

● Conversant with ISO 27002:2005/2013 information security standard

● Demonstrating architectural domain knowledge including cloud application architecture and container-based deployment

● Partnering with and enabling the development process to assure that security requirements are met while allowing for maximum speed to market

● Experience collaborating with multiple stakeholders across functional and technical skill sets

● Aligning business requirements to complex security architecture frameworks

-English: Advanced

-100% remote (ARG only)